<?php
session_start();
$newpassword = $_POST['password'];
$newname = $_POST['name'];
$newlastname = $_POST['lastname'];

if($newpassword != "" && $newname != "" && $newlastname!= ""){
	$link = mysql_connect("localhost", "root", "1234");
	mysql_select_db("busticket", $link);
	mysql_query("SET NAMES UTF8");
	$query = "update member set password = '".$newpassword."',name = '".$newname."',lastname = '".$newlastname."' where id = '".$_SESSION['memberid']."'";
	mysql_query($query,$link);
	mysql_close($link);
	header("Location:loginControl.php?username=".$_SESSION['username']."&password=".$newpassword."");
} else if($newpassword == "" && $newname != "" && $newlastname!= ""){
	$link = mysql_connect("localhost", "root", "1234");
	mysql_select_db("busticket", $link);
	mysql_query("SET NAMES UTF8");
	$query = "update member set name = '".$newname."',lastname = '".$newlastname."' where id = '".$_SESSION['memberid']."'";
	mysql_query($query,$link);
	mysql_close($link);
	header("Location:loginControl.php?username=".$_SESSION['username']."&password=".$_SESSION['password']."");
} else {
	header("Location:../view/edit.php?err");
}
?>